pablito.eth 🦇🔊 ♢

Do NOT update to Android 16 yet. It works like shit.

Thousands of people in Cannes for EthCC and air traffic controllers are on strike in Cannes and lots of flights are being cancelled for Thursday and Friday.

Cointelegraph reports USD 200M were stolen from Brazil Central Bank and converted into BTC and USDT. Is there any confirmation of this?

Aggregating at EthCC with @Agglayer 🌊

Why do side event organizers approve 4x more people than the maximum capacity of their events? Very bad experience for people that also hurts their brands.

Aggregating at EthCC with @Agglayer 🌊

Citi Bank SMS phishing campaign

Lockpickers paradise 🔑

🚨 PHISHING LEDGER VIA SMS 🔐
Be careful with this new phishing campaign arriving via SMS targeting Ledger users.

🚨 NEW LEDGER PHISHING CAMPAIGN 🔐
There's a new ongoing campaign targeting Ledger users via SMS. Do not click any links, just delete the message.

How much more time is Google gonna wait to implement biometric security on @Android for every app that you want, as iOS already launched september last year with iOS 18? Installing third party apps for this is not a good idea. This is one of the few security features it lacks

Every day, dozens of people are being targeted, emptying their wallets, stealing their email, bank, social media accounts, etc. If you think that by "being alert" you're okay, or that you have it figured out and know how to detect these kinds of things, let me tell you that you are totally wrong and eventually, you will get caught. No matter how smart you think you are, you will fall for a phishing attack, install malware, or have some account compromised.
So if you want to prevent this, prepare additional security measures for that day when you do fall victim, for example:
- Install a good antivirus or, if possible, an EDR that detects the malicious software you download.
- Install a good firewall to prevent a stealer from stealing your data if the antivirus fails.
- Stop using apps like Google Authenticator and start using Yubikeys.
- Stop using hot wallets and buy a hardware wallet.
These are just a couple of VERY basic things. To survive in this ecosystem, you have to do much more for your security.
And if you are a company and don't have a good operational security strategy or think that the pentest you did or the SOC2 certification is sufficient, YOU WILL GET CAUGHT. Many companies in Argentina (exchanges, DeFi, and more) have already been attacked, costing them several greenbacks. Don't give yourselves away, stop financing North Korea.

Physical and Operational Security 101 @EthCC, Cannes
When: June 30, 15:30 hs @ Vision Room
To attend, you need to have an EthCC ticket and also to signup in the link I leave in the comments below 👇

16 billion usernames and passwords have just been leaked on the dark web and Telegram channels. These are combinations of usernames and passwords with their respective platforms, and it's very likely that there are logins of yours there. The most probable source is info stealers (malware that steals data from your device).
This is one of the reasons why we always recommend:
- Do not reuse passwords
- Use a secure second factor of authentication (never SMS, preferably YubiKey or at least an app like Authy or Google Authenticator)

16 billion username and passwords have been leaked. There's a high chance some of your credentials are there, most of them probably coming from info stealers. This is why we always recommend to never repeat passwords and to use secure 2FA methods such as Yubikeys or at least TOTP apps (Authy, Google auth, etc)

Has anyone migrated an address created in Metamask to Ledger? Did it recognize all the subaccounts okay? Any comments to keep in mind?
This is for an address that CANNOT be rotated (changed)

X (Twitter) phishing attempt.
Be careful with this stuff.

🚨 Phishing alert: there's an ongoing campaign impersonating @TAPSIGNER which arrives to the user inbox, bypassing spam and security filters.
- Website downloads executable malware to user.
- Domains were registered yesterday.

from: TAPSIGNER hello @ tapsignernewsletter (.) blog
date: Jun 12, 2025, 7:20 AM
subject: TAPSIGNER Native Desktop Application and Browser Extension
mailed-by: tapsignernewsletter (.) blog
signed-by: tapsignernewsletter (.) blog

Physical and Operational security Workshop, by @_SEAL_Org, @theredguild and @opsek_io during EthCC in Cannes, on June 30.
There are very few spots, link in first comment to apply 👇

Using pronouns should be the number one cause of misunderstandings. "See you there", "Yes, I will take it", "Let's go to this one", "I like the other one more", "Let him know", "I'll do it." Clarify, it never detracts.